[ale] ISC DHCPD config question

Ron Frazier (ALE) atllinuxenthinfo at techstarship.com
Wed Aug 14 19:32:20 EDT 2013


PS  Be sure to deal with things that could blow past all your 
restrictions like: vpn's, proxys, anonymizers, ipv6, udp traffic.  If 
you're setting restrictions by IP, be sure to set the DHCP server to 
always divvy out the same IP for the same MAC AND make sure the kids 
cannot manually change the IP.

Someone mentioned removing the wifi dongle.  Hard to do with most 
devices because they have the wifi radio built in.  Also, smart socially 
connected kid could probably get someone to smuggle him one or he might 
find an old one in your junk drawer.

Ron


On 8/14/2013 7:12 PM, Ron Frazier (ALE) wrote:
> Options other than what's been mentioned:
>
> * Set rule that says internet access must be within observation range 
> of the parents, like in the living room.  At non allowable times, 
> internet connected devices must be left with the parents.  Flagrant 
> violation results in fewer privileges being allowed.  Parents have 
> master keys to everything, can monitor and inspect everything, any 
> time.  Kids may not install software or reconfigure the pc without 
> permission.
>
> * Get something like net nanny software and install on pc, phone, 
> etc.  Program appropriate rules into it.  Not sure if that product 
> works with Linux.  Windows has some parental control functions built 
> in.  Maybe something is available as an add on for Linux.
>
> * Find out if Netflix offers sub accounts / logins.  Those may have 
> parental control features.  Give each child a login and set limits.
>
> * Perhaps the best one, which I think JD alluded to, let the router 
> deal with it.  Give the kids a separate wifi ssid, possibly even a 
> separate router.  Make sure their computers cannot log into any other 
> ssid and that they cannot find the password to the others.  Make sure 
> they cannot get to the factory reset switch for the router.
>
> My Netgear routers have limited blocking by schedule built in.
>
> My Asus RT-N16 has very sophisticated parental control functions where 
> you can control hour by hour, day by day, per mac address.  Make sure 
> the kids cannot change the mac address.  Asus even made a video about it.
>
> http://www.youtube.com/v/IbsuvSjG0xM
>
> Note, if you want aggregate time limits, instead of time windows, 
> you're probably going to have to use some software on the computer 
> which monitors access time.
>
> Amazon Kindle ads have been raving on about their built in parental 
> controls.
>
> Sincerely,
>
> Ron
>
>
> On 8/14/2013 3:14 PM, Chris Fowler wrote:
>> For my network I run ISC DHCPD on my desktop.  I'm trying to solve an 
>> over use problem.
>>
>> I have two daughters in elementary school and I need to control their 
>> Internet access times.   Today i locked their computers down to just 
>> one AP.  My idea is to unplug the AP when it is time for no Internet.
>>
>> I then had another idea.
>>
>> What if I set up a 192.168.3.0/24 subnet on eth0:1 and then use my 
>> desktop as their gateway and cron with iptables to block them.
>>
>> The problem with this is that I have only one interface and if dhcp 
>> requests come to it how can I direct them to the correct subnet?  I 
>> would need to tell dhcpd that only 4 devices (via MAC) go to the 3.0 
>> and the remaining are part of the 1.0.
>>
>> Any ideas?
>>
>> Chris
>>


-- 

(PS - If you email me and don't get a quick response, you might want to
call on the phone.  I get about 300 emails per day from alternate energy
mailing lists and such.  I don't always see new email messages very quickly.)

Ron Frazier
770-205-9422 (O)   Leave a message.
linuxdude AT techstarship.com
Litecoin: LZzAJu9rZEWzALxDhAHnWLRvybVAVgwTh3
Bitcoin: 15s3aLVsxm8EuQvT8gUDw3RWqvuY9hPGUU



More information about the Ale mailing list